注意：复选框验证的未定义索引

Question

请帮助验证复选框...每次我点击提交时，都会弹出一条通知，上面写着： // 检查字段中是否有信息？ if($_POST[$field] == '') array_push($validation, $field);

我放了一个**需要注意的代码。我可能在复选框部分遗漏了一些东西。有人可以看看代码吗？提前致谢。

if(isset($_POST['submit']) && $_POST['submit'] == 'SIGN-UP')
{
//recieve and clean up the variables
//prevent mysql injection
$name = mysql_real_escape_string($_POST['name']);
$surname = mysql_real_escape_string($_POST['surname']);
$position = mysql_real_escape_string($_POST['position']);
$organization = mysql_real_escape_string($_POST['organization']);
$email = mysql_real_escape_string($_POST['email']);
$ip = gethostbyname($_SERVER['REMOTE_ADDR']);

//save the data on the DB

//close connection 

}

// Set email variables
$email_to = '';
$email_subject = '';

**// Set required fields
$required_fields = array('webinars', 'name', 'surname', 'position', 'organization', 'email');**

**// set error messages
$error_messages = array(
  'webinars' => 'Please enter your Webinar to proceed.',**
  'name' => 'Please enter your Name to proceed.',
  'surname' => 'Please enter your Surname to proceed.',
  'position' => 'Please enter a Position to proceed.',
  'organization' => 'Please enter your Organization to proceed.',
  'email' => 'Please enter a valid Email Address to continue.'
);

// Set form status
$form_complete = FALSE;

// configure validation array
$validation = array();

// check form submittal
if(!empty($_POST)) {
// Sanitise POST array
foreach($_POST as $key => $value) $_POST[$key] = remove_email_injection(trim($value));

// Loop into required fields and make sure they match our needs
foreach($required_fields as $field) {       
// the field has been submitted?
if(!array_key_exists($field, $_POST)) array_push($validation, $field);

// check there is information in the field?
if($_POST[$field] == '') array_push($validation, $field);

// validate the email address supplied
if($field == 'email') if(!validate_email_address($_POST[$field])) array_push($validation, $field);
    }

// basic validation result
if(count($validation) == 0) {
// Prepare our content string
$email_content = 'New webinar attendee for Cancer Surveillance: ' . "\n\n";

// simple email content
foreach($_POST as $key => $value) {
if($key != 'submit') $email_content .= $key . ': ' . $value . "\n";
        }

// if validation passed ok then send the email
mail($email_to, $email_subject, $email_content);

// Update form switch
        $form_complete = TRUE;
    }
}

function validate_email_address($email = FALSE) {
return (preg_match('/^[^@\s]+@([-a-z0-9]+\.)+[a-z]{2,}$/i', $email))? TRUE : FALSE;
}

function remove_email_injection($field = FALSE) {
   return (str_ireplace(array("\r", "\n", "%0a", "%0d", "Content-Type:", "bcc:","to:","cc:"), '', $field));
}
?>



<?php if($form_complete === FALSE): ?>

<div id="newsletter">

<form id="form" class="" name="form" method="post" action="cancer-surveillance-signup.php">
<label></label>

<fieldset>
**<label>Please select webinar dates:<?php if(in_array('webinars', $validation)): ?><span class="error"><?php echo $error_messages['webinars']; ?></span><?php endif; ?></label>
<div class="webinarId">
<input type="checkbox" name="webinar" value="<?php echo isset($_POST['webinars'])? $_POST['webinars'] : ''; ?>March 9, 2012" />Friday, March 9, 2012, 11:00 AM<br>
<input type="checkbox" name="webinar" value="March 11, 2012" />Monday, March 11, 2012, 11:00 AM<br>
</div>**


<label>Name: <?php if(in_array('name', $validation)): ?><span class="error"><?php echo $error_messages['name']; ?></span><?php endif; ?><input type="text" id="name" name="name" value="<?php echo isset($_POST['name'])? $_POST['name'] : ''; ?>" onFocus="this.value=''" maxlength="255"></label>

<label>Surname: <?php if(in_array('name', $validation)): ?><span class="error"><?php echo $error_messages['surname']; ?></span><?php endif; ?><input type="text" id="surname" name="surname" value="<?php echo isset($_POST['surname'])? $_POST['surname'] : ''; ?>" onFocus="this.value=''" maxlength="255"></label>

<label>Position: <?php if(in_array('name', $validation)): ?><span class="error"><?php echo $error_messages['position']; ?></span><?php endif; ?><input type="text" id="position" name="position" value="<?php echo isset($_POST['position'])? $_POST['position'] : ''; ?>" onFocus="this.value=''" maxlength="255"></label>

<label>Organization: <?php if(in_array('name', $validation)): ?><span class="error"><?php echo $error_messages['organization']; ?></span><?php endif; ?><input type="text" id="organization" name="organization" value="<?php echo isset($_POST['organization'])? $_POST['organization'] : ''; ?>" onFocus="this.value=''" maxlength="255"></label>

<label>Email: <?php if(in_array('email', $validation)): ?><span class="error"><?php echo $error_messages['email']; ?></span><?php endif; ?><input type="text" id="email" name="email" value="<?php echo isset($_POST['email'])? $_POST['email'] : ''; ?>" onFocus="this.value=''" maxlength="255"></label>
<input type="submit" id="submit" name="submit" value="SIGN-UP" onclick="onSubmit();">
</fieldset>
</form><!-- end sign up form -->

Answer 1

如果未选中复选框，则未提交其值，除非选中该框，否则该键将不存在。首先使用isset 测试它的存在。

if(isset($_POST[$field]) && $_POST[$field] == '')

$field 取决于该字段是否在必填字段数组中，而不是它是否在$_POST 中。因为这个条件没有嵌套在使用array_key_exists 的条件中，所以不存在$_POST[$field] 的条件，因此您需要使用isset 或array_key_exists - 我个人更喜欢isset。

Answer 2

<?php 

   require("connection.php");
    if(isset($_POST['submit']) && $_POST['submit'] == 'SIGN-UP')
    {
    $sql= mysql_query("INSERT INTO login (email,username,password) VALUES('$_POST[email]','$_POST[username]','$password')");


    $form_complete = FALSE;

    // configure validation array
    $validation = array();

    // check form submittal
    if(!empty($_POST)) {
    // Sanitise POST array
    foreach($_POST as $key => $value) $_POST[$key] = remove_email_injection(trim($value));

    // Loop into required fields and make sure they match our needs
    foreach($required_fields as $field) {       
    // the field has been submitted?
    if(!array_key_exists($field, $_POST)) array_push($validation, $field);

    // check there is information in the field?
    if($_POST[$field] == '') array_push($validation, $field);

    // validate the email address supplied
    if($field == 'email') if(!validate_email_address($_POST[$field])) array_push($validation, $field);
        }

    // basic validation result
    if(count($validation) == 0) {
    // Prepare our content string
    $email_content = 'New webinar attendee for Cancer Surveillance: ' . "\n\n";

    // simple email content
    foreach($_POST as $key => $value) {
    if($key != 'submit') $email_content .= $key . ': ' . $value . "\n";
            }

    // if validation passed ok then send the email
    //mail($email_to, $email_subject, $email_content);

    // Update form switch
            $form_complete = TRUE;
        }
    }

    function validate_email_address($email = FALSE) {
    return (preg_match('/^[^@\s]+@([-a-z0-9]+\.)+[a-z]{2,}$/i', $email))? TRUE : FALSE;
    }

    //function remove_email_injection($field = FALSE) {
//     return (str_ireplace(array("\r", "\n", "%0a", "%0d", "Content-Type:", "bcc:","to:","cc:"), '', $field));
//  }


 if($form_complete === FALSE): 
?>





<form action="test1.php" method="post">
 email:label>Email: <?php if(in_array('email', $validation)): ?><span class="error"><?php echo $error_messages['email']; ?></span><?php endif; ?><input type="text" id="email" name="email" value="<?php echo isset($_POST['email'])? $_POST['email'] : ''; ?>" onFocus="this.value=''" maxlength="255"></label>
    <input type="submit" id="submit" name="submit" value="SIGN-UP" onclick="onSubmit();">

</form>




OUTPUT SHOW Parse error: syntax error, unexpected $end